For more than twenty years the Desktop PC has been the staple of enterprise computing, as the main productivity tool for knowledge workers. This dominance is being increasingly challenged as the modern workforce shifts to a more mobile experience, with modern operating systems reflecting this commoditized (read: BYOD) trend. Within this new generation of computing the traditional way of managing (thereby controlling) those devices will no longer apply or suffice. The reality is that as we see the desktop shifting toward a more mobile form, our traditional view of how we perceive infrastructure and security is fundamentally challenged. Not convinced? Stay tuned and we’ll delve into how we see this next generation computing mapping out.
Within the mobile world there’s a powerful and agile model of security and management called Enterprise Mobility Management (EMM). It contains three major management components Mobile Device Management (MDM), Mobile Application Management (MAM) and Mobile Content Management (MCM).
…With Windows 10, Microsoft has re-architected the Windows operating system to adopt EMM…
Here’s why: With the rise of mobile computing, employees don’t use (or not only) a locked-down PC on the corporate network to do their jobs. Instead they use many different devices, some company-owned and some personally owned. These devices run a vast array of (mobile) apps and connect across networks that are outside of IT’s control. Legacy Windows client management tools (like Microsoft’s System Center Configuration Manager (SCCM) are too inflexible for modern computing environments. They imply management of a client through installation of a complex system image on the PC, constrained by the boundaries of the organization. Solutions such as DirectAccess are last gasp entreaties to modernize the managed client in the conventional sense.
…The era of the domain-joined PC is coming to a close…
EMM moves the legacy PC paradigm from complex and hard-coded system image to context-based policy. With Windows 10, Microsoft is addressing the need for greater security and management flexibility in the enterprise. Yet, the Apple MacOS platform has been in this position for many years. From the start of the “mobile century”, the MacOS platform has been considered a mobile device next to the smartphones and tablets using the Android and iOS platform. So why is this development now taking momentum ? Could it have something to do with the impressive number of 400 million Windows 10 devices already in the field ? Clearly an operating system that is imposing itself on the market in such volume, while supporting much of the desired functionality organizations and their users are looking for, is going to have impact on the conversation.
…Gartner retired the Magic Quadrant for Client Management Tools in March 2016…
The traditional Windows architecture offered a broad attack surface because both the file system and the operating system itself presented vectors. To counter the risk, IT had to install, as part of the image, additional security agents to monitor threats and remediate accordingly. Maintaining the integrity and security of data on the PC was a constant struggle. Likewise, this model required devices to join a Windows domain governed by policy (GPOs) , or third-party management software, controlling what employees could or could not do on this PC. It assumed devices were corporate-owned, Windows-based, and connected to a persistent local area network (LAN).
For the most part, the modern enterprise, moreover the IT department, no longer has the latitude to work this way. The demands of today’s employees; working on any device, in a variety of environments — home, airports, coffee shops, hotels, etc., means the traditional approach can no longer support this work style. Mobile devices are not LAN-bound and are frequently owned by the employee, rather than the company. The clouding of business v personal and the way in which the focus shifts freely from device to application to data, means overlapping is inevitable. Flexible use of devices becomes deeply embedded in many aspects of an employee’s personal and work life.
To address this new vista (no pun intended), Microsoft has re-architected Windows 10 to move beyond the legacy management systems and fully supporting EMM.
EMM solutions like Microsoft Intune are providing an efficient and flexible way to provision services to employees and secure business data on modern operating systems. The move to EMM represents a major change in how the desktop will be secured and managed moving forward.
…Our vision on this…
We believe that organizations need to start planning now for the moment where PCs are managed and secured like mobile devices, and desktop apps are developed and deployed like mobile apps. That’s a major upcoming shift within the technology landscape, enabling the transformation of the desktop.
In a upcoming blog post we’ll explain the technology behind EMM solutions, in specific the Microsoft Intune EMM solution and will also provide you a sneak preview in the near future to help you make the right decisions.